Can this be protected?
Bill Freeman
f at ke1g.mv.com
Thu Mar 25 17:12:00 EST 2004
Check out the contact page off of my web site:
http://www.mv.com/ipusers/ke1g/emform.html
It's a form that invokes a cgi program (provided by my ISP,
but I'm sure that you can do something similar) that allows me, among
other things, to send myself an email containing the data from the
form. So I provide inputs for subject, body, return address and name,
and create an email carrying them in the body.
I haven't heard from anyone this way, but I did get my own
test messages, so I'm pretty sure that it works. :^)
The control file, in a password protected subdirectory
(.htaccess) is the only thing that has my email address. I'm
presuming that even if you knew the file's name you couldn't read it
to extract my email address.
I'd be interested in comments from the list about the security
of this scheme.
For any of you who are MV customers and want to do the same
thing, I can give you sanatized versions of the three hidden files
(the control file, a template for the email, and page to return to the
user upon success), but the MV documentation for the form-submit tool
and password protecting directories is pretty clear (under customer
tools, web, or something close).
Bill
More information about the gnhlug-discuss
mailing list